IT Security Analyst/Network Administrator

SUMMARY:

This position oversees and continuously enhances corporate security efforts by independently and objectively evaluating threats, vulnerabilities, risks, security vendors, and security infrastructure. The Security Analyst plays a critical role in managing and monitoring enterprise-wide security solutions, ensuring regulatory compliance, and developing internal procedures to strengthen the company's cyber resilience.

DUTIES AND RESPONSIBILITIES:

• Develop, implement, and maintain security policies and procedures to protect all information technology systems.
• Conduct ongoing risk assessments, including internal/external penetration testing coordination via Rapid7 , and vulnerability management using Tenable Security .
• Perform regular inventory assessments of all technology systems and configurations to identify and remediate security gaps.
• Manage patching schedules and coordinate remediation efforts with infrastructure and application teams.
• Maintain security requirements documentation, vendor commitments (e.g., Empower Web App & Doc Scan ), and regulatory checklists for frameworks like SOC 2 and HIPAA.
• Lead internal training and awareness programs, including KnowBe4 phishing simulation and user-based training .
• Oversee and investigate violations of security policies, document findings and lead resolution protocols.
• Administer and enforce user profile and password standards across enterprise systems, leveraging EntraID for identity and access management.
• Assist with Business Continuity Plan testing and updates.
• Coordinate and manage security vendors, including:
  • SonicWall NetExtender VPN for secure remote connectivity.
  • Cisco FirePower for firewall and intrusion prevention.
  • Barracuda Empower for web app security and document scanning.
  • Zix and ProofPoint (email threat protection and secure messaging).
  • CrowdStrike Falcon Complete for endpoint threat detection and response.
• Manage compliance and renewal of SOC 2 certification and similar audit processes.
• Keep senior leadership informed on security posture, metrics, and risk trends.
• Assist in other network and server support as requested.

QUALIFICATIONS:

To perform this job successfully, the individual must fulfill each essential duty reliably, while maintaining satisfactory attendance and adhering to company standards.

EDUCATION AND/OR EXPERIENCE:

• Bachelor's degree in information security, Computer Science, or a related field.
• Minimum 3 years' experience in cybersecurity operations or equivalent combination of education and experience.
• Familiarity with a wide range of tools, including but not limited to Rapid7, CrowdStrike, Cisco FirePower, SonicWall, Tenable, KnowBe4, EntraID, Barracuda, and ProofPoint .
• Working knowledge of compliance frameworks (SOC 2, HIPAA).
• Strong analytical, documentation, and communication skills.

OTHER SKILLS AND ABILITIES:

• In-depth knowledge of modern cyber threats and security tools.
• Ability to deliver clear reports and presentations to technical and non-technical audiences.
• Ability to manage third-party vendors and track security-related financial commitments.
• Timely issue resolution and professional communication across departments.